Lucene search
JetBrainsVULNRICHMENT:CVE-2024-27198HistoryMar 04, 2024 - 5:21 p.m.
CVE-2024-27198
2024-03-0417:21:39
JetBrains
github.com
3
jetbrains teamcity
authentication bypass
cve-2024-27198
admin actions
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.3
Confidence
Low
EPSS
0.969
Percentile
99.8%
SSVC
Exploitation
active
Automatable
Yes
Technical Impact
Total
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*"
],
"vendor": "jetbrains",
"product": "teamcity",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "2023.11.4",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
cisa_kev
cisa_kev
JetBrains TeamCity Authentication Bypass Vulnerability
2024-03-07 00:00:00
githubexploit
githubexploit
nvd
nvd
CVE-2024-27198
2024-03-04 18:15:09
nessus
nessus
JetBrains TeamCity Authentication Bypass (CVE-2024-27198)
2024-03-05 00:00:00
TeamCity Server < 2023.11.4 Multiple Vulnerabilities
2024-03-05 00:00:00
thn
thn
TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks
2024-03-20 11:26:00
CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability
2024-03-08 06:13:00
Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer
2024-07-16 09:00:00
cvelist
cvelist
CVE-2024-27198
2024-03-04 17:21:39
prion
prion
Authentication flaw
2024-03-04 18:15:00
cve
cve
CVE-2024-27198
2024-03-04 18:15:09
hivepro
hivepro
TeamCity Vulnerabilities Unleash Jasmin Ransomware and More
2024-03-23 02:00:31
Attacks, Vulnerabilities and Actors 4 to 10 March 2024
2024-03-13 07:25:00
Critical Vulnerabilities Discovered in TeamCity, Enable Server Takeover
2024-03-06 17:21:03
attackerkb
attackerkb
CVE-2024-27198
2024-03-04 00:00:00
CVE-2024-27199
2024-03-04 00:00:00
nuclei
nuclei
TeamCity < 2023.11.4 - Authentication Bypass
2024-03-04 20:33:19
TeamCity < 2023.11.4 - Authentication Bypass
2024-03-04 20:18:08
rapid7blog
rapid7blog
Whatβs New in Rapid7 Products & Services: Q1 2024 in Review
2024-04-04 13:00:00
CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)
2024-03-04 19:17:01
Metasploit Wrap-Up 03/15/2024
2024-03-15 18:20:02
wizblog
wizblog
trendmicroblog
trendmicroblog
metasploit
metasploit
JetBrains TeamCity Unauthenticated Remote Code Execution
2024-03-01 16:42:59
malwarebytes
malwarebytes
Update now! JetBrains TeamCity vulnerability abused at scale
2024-03-08 12:08:35
packetstorm
packetstorm
JetBrains TeamCity Unauthenticated Remote Code Execution
2024-03-14 00:00:00
securelist
securelist
Exploits and vulnerabilities in Q1 2024
2024-05-07 10:00:39
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.3
Confidence
Low
EPSS
0.969
Percentile
99.8%
SSVC
Exploitation
active
Automatable
Yes
Technical Impact
Total
Related for VULNRICHMENT:CVE-2024-27198